B-Safe

Health&Safety management and offsite activities planning system

Project start:

Goal

To provide a user-fiendly Health&Safety risk management system and offsite activities (Educational trips and visits) planning system that would be compliant with current Government (e.g. PSN, GDPR, etc.) and industry standards of accessibility, privacy, security and resilience (e.g. ISO 27001, ISO9001, Cyber Essentials PLUS, etc.)

B-SAFE – a web-based system to organise, record and report on key elements of the operational health and safety risk management and offsite activities (Educational trips and visits) planning, both corporately and within each discrete business unit and location.

Basic modules

  • Offsite activities
  • Incidents
  • Assessments
  • Audits
  • Warnings
  • Work permits
  • Communications
  • Trainings
  • Documents management
  • Users (staff and pupils, external contractors)
  • Calendar and Events
  • Safe systems of work
  • Statistics and reports
  • Databases (Activity providers, Transport operators, etc.)

The system is hosted and managed by Bondap solution (SaaS). The system is browser-based, browser and operating system independent and does not require software installation on local machines.

The system has flexible permissions and privilege settings

The system has Full Disaster Recovery, Recovery Point Objective (RPO) 1 hour, Recovery Time Objective (RTO) 4 hours. Minimum support hours 7.00am – 7.00pm

The system is compliant with current Government (PSN) and industry standards of accessibility, privacy, security and resilience

The solution is hosted in a tier 3 or equivalent data centre, Compliant with the 14 Cloud Security Principles (https://www.ncsc.gov.uk/guidance/implementing-cloud-security-principles) and has a robust approach to ensuring a smooth service through the effective management of network traffic.

The system has lots of additional modules and extensions

Features

  • full audit trail and on a request produce reports to show all changes, including date, time and who changed it and show old and new values.

  • ability to modify and change the organisational structure without losing connections to previous organisational structures.

  • capability of viewing documents/reports and completing templates off-line (having downloaded them on-line).

  • capability of archiving and removing from normal views in all modules, entities (and their content) that are no longer in use.

  • sufficient features and workflow to allow secure and effective use by a range of participants.

  • effective summary analysis and reporting capability, effective export, import, print and search capability.

  • enables Completed / Incomplete assessments from a list that are required for any given entity;

  • enables Assessments due / overdue for review;

  • tracking of Status of implementation of any additional control measures identified;

  • can form the basis of checklists/question sets that could be used for internal audit purposes;

  • enables the generation of safe systems of work for users/managers to adapt and use during live risk assessment activities

  • enables completed risk assessments/safe systems of work within one area to be accessed and viewed by all users and adapted/amended/produced and reviewed by managers in another entity;

  • allows for the attachment of documents, photos and video to support the assessment findings;

  • allows for risk assessments placed at a higher level (e.g. service) to be accessed by, and be applicable to, lower levels within the structure (e.g. business unit);

  • allows the search for, access to, add to and extract from, any archived assessments.

  • generates reports with standard introductions and conclusions which are editable either on request or automatically on a regular basis;

  • allows to transfer the completed incident/assessments/audit report to managers/H&S Officers/identified users to undertake relevant investigations and actions;

  • enables the recording of completion of follow-up tasks and tracks the completion;

  • generates the HSE RIDDOR form, and if appropriate onward transfer directly to HSE electronically;

  • generates incident reports when appropriate that are suitable for sending to the Care Quality Commission;

  • involves workflow incorporating email alerts to specified users with appropriate levels of access/admin roles.